Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: xC9P2bra/RRXrAZGm0maVN9S0M5/foDcayvtgLXdqQ0=
Subject key identifier: 26:19:8A:A4:92:2D:62:F1:3D:BD:8B:BF:B7:2F:34:87:D8:BA:F8:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08FD70F252C0C3FFA8702B21A1E483B6A42D09A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Fri 24 Oct 2025 00:40:08 +0000
ROA not before: Fri 24 Oct 2025 00:40:08 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:fd:70:f2:52:c0:c3:ff:a8:70:2b:21:a1:e4:83:b6:a4:2d:09:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:08 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=d1567c2da7367d8a42003fcb302022bde020bebdda7dcf769630019be7877fe4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d3:88:f0:17:93:6a:b6:8a:ee:43:20:4f:bb:
24:50:5f:de:f9:90:d7:b1:e1:a9:c8:59:9c:bb:73:
44:40:22:b5:fd:b6:bc:2e:f2:34:fa:94:d0:82:78:
ad:80:49:e5:38:d9:a6:fa:18:d4:74:fd:7c:7a:d6:
38:1c:79:03:7e:c6:f6:49:0c:62:38:db:15:4e:4c:
8a:45:78:3d:f5:85:00:8b:d6:e1:d8:20:e4:6d:5a:
61:7e:0d:e3:70:77:50:c8:cc:6a:a5:a4:d9:9e:18:
5a:ef:05:75:4c:5c:16:33:c2:02:f0:7c:a4:17:dc:
f7:f4:84:d4:b3:40:26:ca:ce:d5:a4:82:58:38:5e:
26:16:55:14:77:58:9c:4f:69:b9:ce:47:8d:23:cf:
66:cc:a9:1b:37:57:97:22:d1:eb:39:d7:32:7a:4d:
8e:69:6f:11:95:7b:8a:9b:d2:ec:06:ae:84:be:b3:
a4:d6:8f:5a:51:bc:5a:ea:23:d8:19:85:e1:ba:a0:
2c:a7:87:de:16:bc:09:75:3e:0b:21:68:a5:a4:b9:
9c:81:a4:90:d6:75:fd:ce:06:4b:42:34:c3:08:e2:
17:6b:81:74:c9:cf:ea:8e:6d:d5:9b:85:c8:1a:d8:
2d:52:ea:e2:cb:ad:63:9e:c9:7c:be:4f:37:cf:9a:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:19:8A:A4:92:2D:62:F1:3D:BD:8B:BF:B7:2F:34:87:D8:BA:F8:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:69:e6:c5:37:98:8c:c8:d0:af:c9:8a:31:f2:da:62:a6:30:
ef:30:b2:56:27:89:dd:7d:55:11:e2:77:b5:8f:e7:7b:05:5a:
83:5a:91:dc:1b:8b:52:fa:00:9b:55:38:22:1f:cf:35:bd:53:
d6:23:5a:31:d0:a3:a6:4c:f5:21:b1:cb:bd:ae:eb:0c:f1:7a:
e2:51:02:cf:ef:f5:ef:54:6b:df:5d:56:8f:a1:5a:5c:35:73:
30:54:8d:b6:55:41:fb:7e:57:fd:ff:92:9c:96:9f:12:42:83:
65:df:06:fe:7e:7f:35:11:62:72:0b:f9:c3:64:98:91:48:b1:
8e:e8:1d:c6:42:f5:d1:ab:f2:e4:48:f6:90:7f:81:ec:b2:ca:
c4:7b:3c:a9:56:db:53:64:f0:7f:50:4c:ac:4c:05:fe:fe:35:
12:25:e5:86:8c:8c:13:d2:ba:d1:c6:2d:a7:30:49:30:e3:df:
17:bd:30:ab:12:11:bc:19:71:65:f1:26:16:b8:02:81:9c:3d:
71:61:b7:d1:4d:5f:7f:38:4f:6c:3a:4c:1c:a5:d4:f0:0f:60:
7b:83:de:ce:e4:8d:8e:ce:27:3d:40:c1:29:87:87:5b:93:db:
d2:dd:e7:09:75:29:45:f4:e3:70:40:b2:da:0d:6d:6b:4e:3d:
b5:57:c2:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCP1w8lLAw/+ocCshoeSDtqQtCaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDhaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNTY3YzJkYTczNjdkOGE0MjAwM2ZjYjMwMjAyMmJkZTAyMGJlYmRkYTdk
Y2Y3Njk2MzAwMTliZTc4NzdmZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3TiPAXk2q2iu5DIE+7JFBf3vmQ17HhqchZnLtzREAitf22vC7yNPqU0IJ4
rYBJ5TjZpvoY1HT9fHrWOBx5A37G9kkMYjjbFU5MikV4PfWFAIvW4dgg5G1aYX4N
43B3UMjMaqWk2Z4YWu8FdUxcFjPCAvB8pBfc9/SE1LNAJsrO1aSCWDheJhZVFHdY
nE9puc5HjSPPZsypGzdXlyLR6znXMnpNjmlvEZV7ipvS7AauhL6zpNaPWlG8Wuoj
2BmF4bqgLKeH3ha8CXU+CyFopaS5nIGkkNZ1/c4GS0I0wwjiF2uBdMnP6o5t1ZuF
yBrYLVLq4sutY57JfL5PN8+ae3ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmGYqk
ki1i8T29i7+3LzSH2Lr4NTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBZaebFN5iMyNCvyYox8tpipjDvMLJWJ4ndfVUR4ne1
j+d7BVqDWpHcG4tS+gCbVTgiH881vVPWI1ox0KOmTPUhscu9rusM8XriUQLP7/Xv
VGvfXVaPoVpcNXMwVI22VUH7flf9/5Kclp8SQoNl3wb+fn81EWJyC/nDZJiRSLGO
6B3GQvXRq/LkSPaQf4HsssrEezypVttTZPB/UEysTAX+/jUSJeWGjIwT0rrRxi2n
MEkw498XvTCrEhG8GXFl8SYWuAKBnD1xYbfRTV9/OE9sOkwcpdTwD2B7g97O5I2O
zic9QMEph4dbk9vS3ecJdSlF9ONwQLLaDW1rTj21V8KR
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:43:32 2025 by rpki-client